CAST demystifies open source software licensing with new License Rulebook

New York and Paris, April 19, 2022 - CAST announced the release of its Open Source License Rulebook capability available directly in the user interface of CAST Highlight, the Software Composition Analysis (SCA) product for controlling open-source software risks across entire application portfolios. When organizations use open-source components within their custom built software, these components typically come with a license specifying how the software can be used legally. However, the legal requirements of these licenses can be complex and confusing for individuals without expertise in intellectual property laws – until now.

The new CAST Highlight Open Source License Rulebook automatically interprets the often complicated text of an open source component license and breaks it down into easy to understand legal requirements such as:

  • What the license allows
  • What the license does not allow
  • What users of the component must do
  • What additional properties exist in the license (if any)

This information is presented in an intuitive, color-coded screen viewable directly in the CAST Highlight user interface whenever viewing an open source component detected within an application that was analyzed by the product. When new licenses are detected, CAST Highlight automatically generates the new rulebook without any need for user intervention. CAST has also published a reference guide that aggregates the rulebooks of open source components into a single document, available as a free download.

Open Source License Rulebook

The latest CAST Highlight release introduces other new capabilities as well such as: auto-generated Software Bill of Materials exports in the CycloneDX format, copyright notice reporting for open-source components, automated email notifications for new security vulnerabilities, and much more.

About CAST

CAST is the software intelligence category leader. CAST technology can see inside custom applications with MRI-like precision, automatically generating intelligence about their inner workings - composition, architecture, transaction flows, cloud readiness, structural flaws, legal and security risks. It’s becoming essential for faster modernization for cloud, raising the speed and efficiency of Software Engineering, better open source risk control, and accurate technical due diligence. CAST operates globally with offices in North America, Europe, India, China. Visit castsoftware.com.